1 : <?php
2 : /*
3 : ThWboard - PHP/MySQL Bulletin Board System
4 : ==============================================
5 : (c) 2000, 2001 by
6 : Paul Baecher <paul@thewall.de>
7 : Felix Gonschorek <funner@thewall.de>
8 :
9 : download the latest version:
10 : http://www.thwboard.de
11 :
12 : This program is free software; you can
13 : redistribute it and/or modify it under the
14 : terms of the GNU General Public License as
15 : published by the Free Software Foundation;
16 : either version 2 of the License, or (at
17 : your option) any later version.
18 :
19 : ==============================================
20 :
21 : */
22 : /*--------------------------------------------------------------------------+
23 : This file is part of eStudy.
24 : forum/classes/class.functions.inc.php
25 : - Modulgruppe: Forum
26 : - Beschreibung: Diverse Funktionen
27 : - Version: 02/26/04
28 : - Autor(en): Benjamin Stadin <stadin@gmx.de>
29 : +---------------------------------------------------------------------------+
30 : This program is free software; you can redistribute it and/or
31 : modify it under the terms of the GNU General Public License
32 : as published by the Free Software Foundation; either version 2
33 : of the License, or any later version.
34 : +---------------------------------------------------------------------------+
35 : This program is distributed in the hope that it will be useful,
36 : but WITHOUT ANY WARRANTY; without even the implied warranty of
37 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 : GNU General Public License for more details.
39 : You should have received a copy of the GNU General Public License
40 : along with this program; if not, write to the Free Software
41 : Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
42 : +--------------------------------------------------------------------------*/
43 : /**
44 : * Systemfunktionen des Forums (Zugriffsrechte, Templates, allgemeine Funktionen).
45 : * @package eStudy.PhotoGallery
46 : * @author Frank Staudt <frankstaudt@hotmail.com>
47 : * @author Björn Lehnhardt <beini@gmx.de>
48 : * @author Benjamin Stadin <stadin@gmx.de>
49 : * @version 1.0, 02/26/04
50 : */
51 : require_once (PATH_TO_ROOT."roleplay/classes/class.role.inc.php");
52 : require_once (PATH_TO_ROOT."teams/classes/class.team.inc.php");
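/**
 * Build an <img> tag that shows a thumbnail of a user's avatar picture.
 *
 * The picture file name and the user's first and last name are read from the
 * `user` table; the thumbnail is rendered by common/makethumb.php.
 *
 * @access public
 * @param int $userID ID of the user whose picture is wanted
 * @param int $w      maximum thumbnail width handed to makethumb.php
 * @param int $h      maximum thumbnail height handed to makethumb.php
 * @return mixed string <img> markup on success;
 *               bool false when the ID is not positive, the user row is
 *               missing, no picture is stored or the file does not exist
 */
function getPictureLink($userID, $w, $h) {
    global $settings, $db;

    // The ID is concatenated into the SQL text below, so reduce it to an
    // integer first. The previous loose "> 0" test let a string with a
    // numeric prefix through unchanged.
    $userID = (int) $userID;
    if ($userID <= 0) {
        return false;
    }

    $userHomepageData = $db->get_row("SELECT picture, Vorname, Nachname FROM user WHERE ID = ".$userID);
    if (!$db->num_rows) {
        return false;
    }

    $picture = $userHomepageData->picture;
    if (!$picture) {
        return false;
    }
    $userName = Data::toHTML("$userHomepageData->Vorname $userHomepageData->Nachname", false);

    // Path of the user's upload directory.
    // NOTE(review): $picture is appended to the path exactly as stored. Confirm
    // the upload code stores a bare file name without directory parts.
    $picLink = PATH_TO_ROOT.$settings['upload_path']."user/".$userID."/".$picture;
    if (!is_file($picLink)) {
        return false;
    }

    // Width and height end up inside an HTML attribute, so keep them numeric.
    // NOTE(review): makethumb.php receives a server-side path in picurl;
    // confirm it restricts that path to the upload directory.
    $picLink = PATH_TO_ROOT."common/makethumb.php?picurl=".rawurlencode($picLink).
        "&maxw=".(int) $w."&maxh=".(int) $h;

    return '<img src="'.$picLink.'" alt="Avatar von '.$userName.
        '" title="Avatar von '.$userName.'" />';
}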
/**
 * Split a flag string into a list of its single characters.
 *
 * @param string $str flag string such as "0110"
 * @return array one entry per byte of $str, in order; empty for ""
 */
function flagMakeArray($str) {
    $flags = array();
    $total = strlen($str);
    $pos = 0;
    while ($pos < $total) {
        $flags[] = $str[$pos];
        $pos++;
    }
    return $flags;
}
/**
 * Combine two flag strings position by position with a logical OR.
 *
 * A position counts as set when the character there is truthy in PHP, so
 * "0" is unset and any other character is set. The shorter string is
 * treated as unset beyond its end.
 *
 * @param string $stra first flag string
 * @param string $strb second flag string
 * @return string string of "1"/"0", as long as the longer input
 */
function flagOr($stra, $strb) {
    $lenA = strlen($stra);
    $lenB = strlen($strb);
    $merged = "";
    for ($pos = 0, $end = max($lenA, $lenB); $pos < $end; $pos++) {
        $setInA = $pos < $lenA && $stra[$pos];
        $setInB = $pos < $lenB && $strb[$pos];
        $merged .= ($setInA || $setInB) ? "1" : "0";
    }
    return $merged;
}
/**
 * Return the link to use for an internal forum URL.
 *
 * The suffix that would be inserted before a "#fragment" (or appended) is
 * always the empty string here, so the link comes back with unchanged text.
 *
 * @param string $link  target URL, optionally with a "#fragment"
 * @param bool   $noamp not used by this implementation
 * @return string the link
 */
function buildLink($link, $noamp = false) {
    global $gUser, $s;
    $suffix = '';
    if ($gUser['userID'] == 0) {
        return $link;
    }
    $hashPos = strpos($link, "#");
    if ($hashPos) {
        // Keep the fragment at the very end of the URL.
        return substr($link, 0, $hashPos).$suffix.substr($link, $hashPos);
    }
    return $link.$suffix;
}
127 :
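/**
 * Loads an HTML template file and turns it into PHP source text that the
 * caller passes to eval().
 *
 * Only double quotes are escaped on load; backslashes and "$" are left as
 * they are, so the template text is interpreted as the body of a
 * double-quoted PHP string. Template files are therefore code: they must
 * come from a trusted location that users cannot write to.
 */
class Template {
    /** @var string template text prepared for embedding in a double-quoted PHP string */
    public $szTemplateData = '';

    /**
     * Read and prepare a template file.
     *
     * A missing file is reported through halt() and leaves an empty template.
     *
     * @param string $szTemplateName path of the template file
     */
    public function __construct($szTemplateName) {
        if (!file_exists($szTemplateName)) {
            $this->halt("Unable to load template file: '".$szTemplateName."' does not exist.");
        }
        $lines = @file($szTemplateName);
        // file() yields false for a missing or unreadable file. Use an empty
        // template then instead of handing false to implode().
        $data = is_array($lines) ? implode('', $lines) : '';
        $data = str_replace('"', '\"', $data);
        // _('target') in a template becomes a buildLink("target") call.
        $this->szTemplateData = preg_replace("/_\('([^']+)'\)/", '".buildLink("$1")."', $data);
    }

    /**
     * Return PHP source for the template, meant to be run with eval().
     *
     * NOTE(review): $szVarname is pasted into the generated code as a variable
     * name; pass only fixed identifiers, never request data.
     *
     * @param string $szVarname variable the rendered text is appended to; when
     *                          empty the code prints through compressPage()
     * @return string PHP source text
     */
    public function getTemplate($szVarname = "") {
        if ($szVarname) {
            return ('if (!isset($'.$szVarname.')) $'.
                $szVarname.' = ""; $'.$szVarname.
                ' .= "'.$this->szTemplateData.'";');
        }
        return ('compressPage("'.$this->szTemplateData.'");');
    }

    /**
     * Print a template error. Execution continues afterwards.
     *
     * @param string $szErrorMsg plain-text message
     */
    public function halt($szErrorMsg) {
        // The message can carry a caller-supplied file name, so escape it
        // before it reaches the page.
        echo "<pre>Template error:\n ".htmlspecialchars($szErrorMsg, ENT_QUOTES)."</pre>";
        // exit;
    }
}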
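/**
 * Resolves forum permissions for a set of groups.
 *
 * Access masks are strings of "0"/"1" flags indexed by permission number.
 * A mask stored for a group on the current board replaces that group's
 * global mask; the masks of all groups are then OR-ed together.
 */
class Permission {
    // groupid => global access mask
    public $aGroup;
    // boardid => (groupid => board-specific access mask)
    public $aGroupboard;
    // board that hasPermission() evaluates
    public $boardid;
    // truthy when the user is flagged invisible
    public $invisible;

    /**
     * Load the masks of the given groups from the database.
     *
     * @param string|array $groupids  group IDs, comma separated or as an array
     * @param int          $boardid   board to load masks for, -1 for all boards
     * @param int          $invisible invisible flag of the user
     */
    public function __construct($groupids, $boardid = -1, $invisible = 0) {
        // The ID list is spliced into IN (...) below, so reduce every entry
        // to an integer before it reaches the SQL text.
        $ids = array();
        $parts = is_array($groupids) ? $groupids : explode(',', (string) $groupids);
        foreach ($parts as $part) {
            if (trim((string) $part) !== '') {
                $ids[] = intval($part);
            }
        }
        // -1 matches no group and keeps the IN (...) clause valid.
        $groupids = $ids ? implode(',', $ids) : '-1';

        $this->aGroup = array();
        $rGroup = forumQuery("SELECT groupid, accessmask FROM forum_group WHERE groupid IN(".$groupids.")");
        while ($group = mysql_fetch_array($rGroup)) {
            $this->aGroup[$group['groupid']] = $group['accessmask'];
        }
        mysql_free_result($rGroup);

        $this->aGroupboard = array();
        if ($boardid == -1) {
            $rGroupboard = forumQuery(
                "SELECT groupid,
                boardid,
                accessmask
                FROM forum_groupboard
                WHERE groupid IN (".$groupids.")"
            );
        } else {
            // The board ID is cast as well; quoting alone does not make it safe.
            $rGroupboard = forumQuery("SELECT groupid, boardid, accessmask FROM forum_groupboard WHERE boardid='".intval($boardid)."' AND groupid IN (".$groupids.")");
        }
        while ($groupboard = mysql_fetch_array($rGroupboard)) {
            $this->aGroupboard[$groupboard['boardid']][$groupboard['groupid']] = $groupboard['accessmask'];
        }
        mysql_free_result($rGroupboard);

        $this->setBoardid($boardid);
        $this->invisible = $invisible;
    }

    /**
     * Select the board that later hasPermission() calls refer to.
     *
     * @param int $boardid board ID
     */
    public function setBoardid($boardid) {
        $this->boardid = $boardid;
    }

    /**
     * Check one permission flag on the current board.
     *
     * @param int $perm permission number (index into the access mask)
     * @return bool true when the combined mask has the flag set
     */
    public function hasPermission($perm) {
        // Invisible users may not post or reply unless they belong to group 3.
        // NOTE(review): the meaning of group 3 is not visible in this file.
        if ($this->invisible &&
            ($perm == P_POSTNEW || $perm == P_REPLY) &&
            !isset($this->aGroup[3])) {
            return false;
        }

        $mask = "";
        foreach ($this->aGroup as $groupid => $accessmask) {
            if (isset($this->aGroupboard[$this->boardid][$groupid])) {
                $mask = flagOr($mask, $this->aGroupboard[$this->boardid][$groupid]);
            } else {
                $mask = flagOr($mask, $accessmask);
            }
        }
        if (strlen($mask) < $perm) {
            return false;
        }
        $access = flagMakeArray($mask);
        return isset($access[$perm]) && (bool)($access[$perm]);
    }
}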
209 : /*
210 : function requiresPermission($perm) {
211 : global $gUser, $config, $options, $p, $_SERVER, $debug, $debug, $titleprepend, $content, $settings;
212 : if ($p->hasPermission($perm)) return;
213 : global $board;
214 : if (!isset($navpath) || !$navpath) {
215 : $navpath = '<a href="'.buildLink("index.php") .
216 : '" title="Fehler: Zugriff verweigert."></a> » Zugriff verweigert';
217 : } elseif (substr($navpath, strlen($navpath) -8) != "» ") {
218 : $navpath.= " » Zugriff verweigert";
219 : }
220 : $tFrame = new Template("templates/frame.html");
221 : $tNopermission = new Template("templates/nopermission.html");
222 : $tLoginform = '';
223 : if (!$gUser['userID']) {
224 : $tNopermLogin = new Template("templates/noperm_login.html");
225 : $source = urlencode(basename($_SERVER['REQUEST_URI']));
226 : eval($tNopermLogin->getTemplate('t_loginform'));
227 : }
228 : eval($tNopermission->getTemplate("CONTENT"));
229 : eval($tFrame->getTemplate());
230 : include_once PATH_TO_ROOT."forum/footer.inc.php";
231 : require_once (PATH_TO_ROOT."common/footer.inc.php");
232 : exit;
233 : }
234 : */
// Numeric result codes. The names suggest reasons for rejecting a user name;
// the code that uses them is not part of this file.
define("INVALID_CHAR", 1);
define("INVALID_LENGTH", 2);
define("NAME_TAKEN", 3);
define("NAME_BANNED", 4);
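// called by register, editprofile
/**
 * Check whether a string has the shape of an e-mail address.
 *
 * Uses PCRE instead of the removed eregi(). The D modifier makes "$" match
 * only at the very end, so a trailing line break is rejected, and PCRE
 * matching covers the whole string even when it contains a NUL byte.
 * This is a shape check only; top-level domains longer than six letters
 * are rejected, as before.
 *
 * @param string $email address to check
 * @return bool true when the address matches the pattern
 */
function checkEmail($email) {
    if (!is_string($email)) {
        return false;
    }
    $pattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$/iD';
    return preg_match($pattern, $email) === 1;
}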
/**
 * Print a message box followed by the forum footer and the page footer.
 *
 * NOTE(review): $msg is handed to Output::echoMessage() as given; whether
 * that helper escapes HTML cannot be seen here, so confirm before passing
 * user-supplied text.
 *
 * @param string $title    not used by this implementation
 * @param string $msg      message text
 * @param int    $optBack  not used by this implementation
 * @param int    $optIndex not used by this implementation
 */
function message($title, $msg, $optBack = 1, $optIndex = 1) {
    // Stays in local scope for the footer files included below.
    global $settings;

    echo "<br/><br/>", "<table width='100%' style='text-align: center;'>";
    Output::echoMessage($msg);
    echo "</table>", "<br/><br/>";

    include_once PATH_TO_ROOT."forum/footer.inc.php";
    // HTML footer and bottom menu
    require_once PATH_TO_ROOT."common/footer.inc.php";
    // exit;
}
/**
 * Print an error box followed by the forum footer and the page footer.
 *
 * NOTE(review): $msg is handed to Output::errorMessage() as given; whether
 * that helper escapes HTML cannot be seen here. The default on $title has
 * no effect because the required $msg follows it.
 *
 * @param string $title    not used by this implementation
 * @param string $msg      error text
 * @param int    $optBack  not used by this implementation
 * @param int    $optIndex not used by this implementation
 */
function errormessage($title = '', $msg, $optBack = 1, $optIndex = 1) {
    // Stays in local scope for the footer files included below.
    global $settings;

    echo "<br/><br/>", "<table width='100%' style='text-align: center;'>";
    Output::errorMessage($msg);
    echo "</table>", "<br/><br/>";

    include_once PATH_TO_ROOT."forum/footer.inc.php";
    // HTML footer and bottom menu
    require_once PATH_TO_ROOT."common/footer.inc.php";
    // exit;
}
/**
 * Render templates/redirect.html and then the forum and page footers.
 *
 * The template is executed with eval() in this function's scope, so it can
 * read $msg, $url and $settings.
 * NOTE(review): how the template uses $msg and $url is not visible here.
 * If either can come from a request, confirm it is HTML-escaped and that
 * $url is limited to local targets.
 *
 * @param string $msg message for the redirect page
 * @param string $url redirect target
 */
function messageRedirect($msg, $url) {
    // Stays in local scope for the template and the included footers.
    global $settings;

    $tRedirect = new Template("templates/redirect.html");
    // Runs generated PHP; the template file must be trusted.
    eval($tRedirect->getTemplate());

    include_once PATH_TO_ROOT."forum/footer.inc.php";
    // HTML footer and bottom menu
    require_once PATH_TO_ROOT."common/footer.inc.php";
    // exit;
}
/**
 * Format a Unix timestamp for display, shifted by $config['timeoffset'] hours.
 *
 * @param int $time    Unix timestamp
 * @param int $verbose when truthy, timestamps from the current day are shown
 *                     as "Heute" plus the time
 * @return string "N/A" for timestamps below one day, otherwise the formatted date
 */
function formDate($time, $verbose = 1) {
    global $config;

    $oneDay = 60 * 60 * 24;
    if ($time < $oneDay) {
        return "N/A";
    }

    $offset = $config['timeoffset'] * 3600;
    $time += $offset;
    $isToday = date("d.m.Y", (time() + $offset)) == date('d.m.Y', $time);
    if ($isToday && $verbose) {
        return "<strong>Heute</strong>, ".Output::echoDate("H:i", (int)$time);
    }
    return Output::echoDate("d.m.Y, H:i", (int)$time); // . " Uhr";
}
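/**
 * Recursively remove backslash quoting from the string values of an array.
 *
 * The entries "argc" and "argv" are skipped, as is every key written
 * entirely in upper case unless it is numeric.
 * NOTE(review): presumably this undoes magic-quotes style escaping of
 * request data. It is not an input filter, and values still need escaping
 * for SQL or HTML where they are used.
 *
 * @param array $array array to clean; modified in place
 * @return array the cleaned array
 */
function rStripslashes(&$array) {
    foreach ($array as $k => $v) {
        // Compare keys as strings. With a loose comparison the integer key 0
        // equals 'argc' on older PHP versions, so element 0 was never cleaned.
        $key = (string) $k;
        if ($key === 'argc' || $key === 'argv') {
            continue;
        }
        if (!(strtoupper($key) != $key || ''.intval($key) == $key)) {
            continue;
        }
        if (is_string($v)) {
            $array[$k] = stripslashes($v);
        }
        if (is_array($v)) {
            $array[$k] = rStripslashes($v);
        }
    }
    return $array;
}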
/**
 * Build the <select> jump menu of photo-gallery boards the current user may view.
 *
 * NOTE(review): categoryname and boardname are written into the markup as
 * stored. Confirm they are HTML-escaped when saved; otherwise they need
 * escaping here.
 *
 * @param int $currentboard ID of the board to preselect
 * @return string HTML of the select box and its submit button
 */
function jumpmenu($currentboard = 1) {
    global $gUser;
    $p = new Permission($gUser['groupids']);

    // Collect the visible boards, grouped by category.
    $boardsByCategory = array();
    $rBoard = forumQuery(
        "SELECT boardid, boardname, categoryid
        FROM forum_board
        WHERE boarddisabled=0 AND is_photogallery=1
        ORDER BY boardorder ASC;"
    );
    while ($board = mysql_fetch_array($rBoard)) {
        $p->setBoardid($board['boardid']);
        if ($p->hasPermission(P_VIEW)) {
            $boardsByCategory[$board['categoryid']][] = $board;
        }
    }

    // One option per category, followed by its boards.
    $rCategory = forumQuery(
        "SELECT categoryid, categoryname FROM
        forum_category ORDER BY categoryorder ASC"
    );
    $jumpMenu = '<select class="tbselect" name="board[boardid]" onchange="Submit.click()">';
    while ($category = mysql_fetch_array($rCategory)) {
        $categoryId = $category['categoryid'];
        if (empty($boardsByCategory[$categoryId])) {
            continue;
        }
        // A negative value marks a category entry.
        $jumpMenu .= '<option value="-'.$categoryId.'">'.$category['categoryname'].'</option>';
        foreach ($boardsByCategory[$categoryId] as $board) {
            $selected = ($board['boardid'] == $currentboard) ? ' selected="selected"' : '';
            $jumpMenu .= '<option value="'.$board['boardid'].'"'.$selected.
                '>- '.$board['boardname'].'</option>';
        }
    }
    $jumpMenu .= '</select> <p class="pForm"><input class="tbbutton" type="submit" name="Submit" value="Jump"/></p>';
    return $jumpMenu;
}
/**
 * Return the elements of an array in reverse order.
 *
 * Uses array_reverse() when it exists; the manual fallback expects a list
 * with consecutive integer keys starting at 0.
 *
 * @param array $array input array
 * @return array reversed array
 */
function forumArrayReverse($array) {
    if (!function_exists('array_reverse')) {
        $reversed = array();
        for ($idx = count($array) - 1; $idx >= 0; $idx--) {
            $reversed[] = $array[$idx];
        }
        return $reversed;
    }
    return array_reverse($array);
}
344 :
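/**
 * Run an SQL statement through mysql_query() and log failures.
 *
 * The statement is sent exactly as given; callers must cast or escape every
 * value they put into it. On error a generic message is printed and the
 * details go to logs/sql-YYYY-MM-DD.log below PATH_TO_ROOT.
 * NOTE(review): that log holds full SQL text and session data. Confirm the
 * logs directory cannot be fetched over HTTP.
 *
 * @param string $query SQL statement
 * @return mixed the mysql_query() result on success, null after an error
 */
function forumQuery($query) {
    $result = mysql_query($query);
    if (!mysql_errno()) {
        return $result;
    }

    echo "Modul Forum (class.functions.inc.php): Fataler Fehler bei SQL Abfrage aufgetreten!";
    $logfile = @fopen(PATH_TO_ROOT."logs/sql-".date("Y-m-d") .".log", "a");
    if ($logfile) {
        $entries = array(
            date("H:i:s"),
            "Script: ".$_SERVER["REQUEST_URI"],
        );
        if (isset($_SESSION["userid"])) {
            $entries[] = "User: ".$_SESSION["userid"].
                " (".$_SESSION["username"]."), Course: ".
                $_SESSION["course"];
        }
        $entries[] = "Query: $query";
        $entries[] = "Error String: ".mysql_error();
        $entries[] = "Error Number: ".mysql_errno();
        foreach ($entries as $entry) {
            // Request and query text can contain line breaks; fold them so
            // one field cannot pose as additional log lines.
            fwrite($logfile, preg_replace('/[\r\n]+/', ' ', $entry)."\n");
        }
        fwrite($logfile, "\n");
        fclose($logfile);
    }
    return null;
}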
/**
 * Shorten a string to at most $maxchars bytes, ending in "..." when cut.
 *
 * Lengths are counted in bytes, so a multi-byte character can be split.
 *
 * @param string $string   text to shorten
 * @param int    $maxchars maximum length including the three dots
 * @return string the original or the shortened text
 */
function chopstring($string, $maxchars) {
    if (strlen($string) <= $maxchars) {
        return $string;
    }
    return substr($string, 0, ($maxchars - 3)).'...';
}
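/**
 * Refresh a board's cached "last post" data and its thread and post counters.
 *
 * NOTE(review): the reset branch updates rows with is_photogallery=1 while
 * the normal branch updates rows with is_photogallery=0; one of the two
 * looks unintended. The counting query also does not filter threadlink
 * the way the first query does.
 *
 * @param int $boardid ID of the board to refresh
 */
function updateboard($boardid) {
    // Cast once. The counting query used to receive the raw value.
    $boardid = intval($boardid);

    // Newest real thread (no link threads) on the board.
    $rThread = forumQuery(
        "SELECT threadid,
        threadtopic,
        threadtime,
        threadlastreplyby
        FROM forum_thread
        WHERE threadlink='0'
        AND boardid='".$boardid."'
        GROUP BY threadid
        ORDER BY threadtime DESC LIMIT 1"
    );
    if (mysql_num_rows($rThread) < 1) {
        forumQuery(
            "UPDATE forum_board SET
            boardlastpost='0',
            boardthreadid='0',
            boardthreadtopic='',
            boardlastpostby='',
            boardposts='0',
            boardthreads='0'
            WHERE boardid='".$boardid."' AND is_photogallery=1"
        );
        return;
    }

    $thread = mysql_fetch_array($rThread);
    $rThread = forumQuery("SELECT COUNT(threadid) AS threadcount, SUM(threadreplies) AS postcount FROM forum_thread WHERE boardid=".$boardid);
    $thread = array_merge($thread, mysql_fetch_array($rThread));
    $thread['postcount'] += $thread['threadcount']; // threads without replies.

    // Numeric columns are cast and text columns go through Data::toMysql()
    // before they are placed in the statement.
    forumQuery(
        "UPDATE forum_board SET boardlastpost='".intval($thread['threadtime']).
        "', boardthreadid='".intval($thread['threadid']).
        "', boardthreadtopic='".Data::toMysql($thread['threadtopic'], false).
        "', boardlastpostby='".Data::toMysql($thread['threadlastreplyby'], false).
        "', boardposts='".intval($thread['postcount']).
        "', boardthreads='".intval($thread['threadcount']).
        "' WHERE boardid='".$boardid."' AND is_photogallery=0"
    );
}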
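/**
 * Refresh a thread's "last reply" time and author after posts were deleted.
 *
 * NOTE(review): the role and team appended to the author name come from the
 * current session, not from the author of the last post. Confirm that this
 * is intended.
 *
 * @param int $threadid ID of the thread to refresh
 */
function updatethread($threadid) {
    $threadid = intval($threadid);

    // Newest remaining post of the thread.
    $rPost = forumQuery(
        "SELECT posttime,
        userID,
        postguestname
        FROM forum_post
        WHERE threadid='".$threadid.
        "' ORDER BY posttime DESC LIMIT 1"
    );
    $post = $rPost ? mysql_fetch_array($rPost) : false;
    if (!$post) {
        // No post left or the query failed. Without a row the UPDATE below
        // would be sent with an empty threadtime.
        return;
    }

    $userID = intval($post['userID']);
    if ($userID != 0) {
        $rUser = forumQuery("SELECT username FROM forum_user WHERE userID=".$userID);
        $user = mysql_fetch_array($rUser);
        $author = $user['username'];
        if (isset($_SESSION["roleID"])) {
            $role = new Role($_SESSION["roleID"]);
            $author .= " (".$role->getName($_SESSION["gender"]) .")";
        }
        if (isset($_SESSION["teamID"])) {
            $team = new Team($_SESSION["teamID"]);
            $author .= " (".$team->getName() .")";
        }
    } else {
        $author = $post['postguestname'];
    }

    // Escape with the connection's own routine rather than addslashes(),
    // which does not take the connection character set into account.
    forumQuery(
        "UPDATE forum_thread
        SET threadtime=".intval($post['posttime']).", threadlastreplyby='".
        mysql_real_escape_string($author)."' WHERE threadid='".$threadid."'"
    );
}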
/**
 * Check an avatar image against the configured size limits and allowed formats.
 *
 * Problems are appended to the global $errMsg; nothing is returned.
 * NOTE(review): getimagesize() also accepts URLs when allow_url_fopen is
 * enabled. Confirm callers pass only local upload paths.
 *
 * @param string $icAvatar path of the image to inspect
 */
function checksize($icAvatar) {
    global $errMsg, $config;

    $info = @GetImageSize($icAvatar);
    if (!$info) {
        $errMsg .= 'Das Avatar-Bild konnte nicht geladen werden.<br/>';
        return;
    }

    list($width, $height, $type) = $info;
    if ($width > $config['avatarwidth']) {
        $errMsg .= 'Das Avatar-Bild ist zu breit.<br/>';
    }
    if ($height > $config['avatarheight']) {
        $errMsg .= 'Das Avatar-Bild ist zu hoch.<br/>';
    }
    // Image type codes 1 to 3 are GIF, JPEG and PNG.
    if ($type > 3) {
        $errMsg .= 'Das Avatar-Bild hat ein ungültiges Format.<br/>';
    }
}
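/**
 * Replace banned words in a text, ignoring case.
 *
 * A banned word is matched together with the letters directly around it,
 * and the whole match is replaced by the stored substitute. Banned words
 * and substitutes are treated as literal text, so a "/" or "(" in a stored
 * word cannot break the pattern.
 *
 * @param string $text text to filter
 * @return string filtered text; the input is returned unchanged when there
 *                are no banned words or the replacement fails
 */
function checkBanned($text) {
    $rBwords = forumQuery("SELECT banword, modword FROM forum_bannedwords");
    if (!$rBwords || mysql_num_rows($rBwords) == 0) {
        return $text;
    }

    $patterns = array();
    $substitutes = array();
    while (list($bword, $mword) = mysql_fetch_row($rBwords)) {
        // Quote the stored word so its characters are not read as pattern syntax.
        $patterns[] = "/([a-z])*(".preg_quote($bword, '/').")([a-z])*/i";
        // Keep "$1" or "\1" in a substitute from being read as a back-reference.
        $substitutes[] = addcslashes($mword, '\\$');
    }
    mysql_free_result($rBwords);

    $filtered = preg_replace($patterns, $substitutes, $text);
    // preg_replace() returns null on a pattern error; keep the text then.
    return $filtered === null ? $text : $filtered;
}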
/**
 * Print a page, gzip-framed when the client accepts gzip and
 * $config['compression'] is enabled.
 *
 * NOTE(review): the Content-Encoding header is commented out, and the bytes
 * from gzcompress() are written from offset 0, so its own two-byte header
 * is kept. Verify that clients can decode this output before enabling
 * compression.
 *
 * @param string $output complete page content
 */
function compressPage($output) {
    global $config;

    $clientAcceptsGzip = isset($_SERVER['HTTP_ACCEPT_ENCODING']) &&
        strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip');
    $compressionEnabled = function_exists('gzcompress') &&
        isset($config['compression']) &&
        $config['compression'];

    if (!($clientAcceptsGzip && $compressionEnabled)) {
        print $output;
        return;
    }

    $output .= '<!-- gzcompress()ed -->';
    // header('Content-Encoding: gzip');
    $size = strlen($output);
    $crc = crc32($output);
    $packed = gzcompress($output, 1);
    // Fixed gzip header, compressed data without its last four bytes,
    // then CRC32 and length of the uncompressed page.
    print "\x1f\x8b\x08\x00\x00\x00\x00\x00";
    print substr($packed, 0, strlen($packed) - 4);
    print pack('V', $crc);
    print pack('V', $size);
}
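/**
 * Checks size and file type of an uploaded file.
 *
 * These checks look at the file name and the reported size only. They do
 * not inspect the file content, so stored uploads should additionally be
 * kept where the web server will not execute them.
 *
 * @package eStudy.PhotoGallery
 * @version 1.0, 22/02/04
 * @author Frank Staudt <frankstaudt@hotmail.com>
 */
class Upload {
    /**
     * Return the maximum allowed file size from the settings.
     *
     * @return mixed the configured limit, or null when it is missing or not numeric
     */
    public function getMaxFileSize() {
        global $settings;
        // Start from null so a missing setting does not leave the variable undefined.
        $maxFileSize = null;
        if (isset($settings['forum_max_filesize']) && is_numeric($settings['forum_max_filesize'])) {
            $maxFileSize = $settings['forum_max_filesize'];
        }
        return $maxFileSize;
    }

    /**
     * Check a file size against the configured limit.
     *
     * The size is divided by 1024 before the comparison, so the limit is in
     * kilobytes. Without a numeric limit every size is accepted.
     *
     * @param int $size file size in bytes
     * @return bool true when the size is acceptable
     */
    public function fileSizeOK($size) {
        global $settings;
        if (!isset($settings['forum_max_filesize']) || !is_numeric($settings['forum_max_filesize'])) {
            return true;
        }
        $tooBig = ($size / 1024) > $settings['forum_max_filesize'];
        // PHP reports separately when the form's own size limit was exceeded.
        $formLimitHit = isset($_FILES['userfile']['error']) &&
            $_FILES['userfile']['error'] == UPLOAD_ERR_FORM_SIZE;
        return !($tooBig || $formLimitHit);
    }

    /**
     * Check whether a file name has an acceptable extension.
     *
     * Attachments ($attach truthy) are checked against the forbidden list in
     * the settings; every dot-separated part after the first is compared,
     * so "x.php.txt", ".php" and "x.php." are rejected when "php" is
     * forbidden. Other uploads must end in one of the image extensions.
     *
     * @param string $name   file name
     * @param int    $attach truthy for attachments, falsy for pictures
     * @return bool true when the extension is acceptable
     */
    public function fileExtOK($name, $attach = 0) {
        global $settings;
        $name = (string) $name;

        if (!$attach) {
            $limitedext = array(".gif", ".jpg", ".jpeg", ".jpe", ".png");
            $ext = strtolower((string) strrchr($name, "."));
            return in_array($ext, $limitedext, true);
        }

        if (empty($settings['forum_forbidden_extensions'])) {
            return true;
        }
        $forbidden = array();
        foreach ((array) $settings['forum_forbidden_extensions'] as $value) {
            $forbidden[] = ltrim(strtolower((string) $value), '.');
        }

        // Trailing dots, blanks and NUL bytes can hide the real extension.
        $parts = explode('.', strtolower(rtrim($name, ". \t\r\n\0")));
        array_shift($parts); // the text before the first dot is not an extension
        foreach ($parts as $part) {
            if (in_array($part, $forbidden, true)) {
                return false;
            }
        }
        return true;
    }
}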
553 :